Ecosyste.ms: Advisories
An open API service providing security vulnerability metadata for many open source software ecosystems.
rubygems Security Advisories
Loading...
High
Ecosystems: rubygems
Packages: phlex
Source: GitHub Advisory Database
Blast Radius: 8.7
Published: 3 days ago
GSA_kwCzR0hTQS1nN3hxLXh2OGMtaDk4Y84AA7Da
Cross-site Scripting (XSS) possible due to improper sanitisation of `href` attributes on `<a>` tagsEcosystems: rubygems
Packages: phlex
Source: GitHub Advisory Database
Blast Radius: 8.7
Published: 3 days ago
Moderate
Ecosystems: rubygems
Packages: carrierwave
Source: GitHub Advisory Database
Blast Radius: 32.8
Published: 25 days ago
GSA_kwCzR0hTQS12Zm12LWpmYzUtcGpqd84AA6Re
CarrierWave content-Type allowlist bypass vulnerability which possibly leads to XSS remainedEcosystems: rubygems
Packages: carrierwave
Source: GitHub Advisory Database
Blast Radius: 32.8
Published: 25 days ago
High
Ecosystems: rubygems
Packages: rdoc
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 25 days ago
GSA_kwCzR0hTQS01OTJqLTk5NWgtcDIzas4AA6RV
RDoc RCE vulnerability with .rdoc_optionsEcosystems: rubygems
Packages: rdoc
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 25 days ago
High
Ecosystems: rubygems
Packages: stringio
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 25 days ago
GSA_kwCzR0hTQS12NWg2LWMyaHYtaHYzcs4AA6RU
StringIO buffer overread vulnerabilityEcosystems: rubygems
Packages: stringio
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 25 days ago
Moderate
Ecosystems: rubygems
Packages: nokogiri
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 1 month ago
GSA_kwCzR0hTQS12Y2MzLXJ3NmYtanY5N84AA6Gq
Use-after-free in libxml2 via Nokogiri::XML::ReaderEcosystems: rubygems
Packages: nokogiri
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 1 month ago
Moderate
Ecosystems: rubygems
Packages: rotp
Source: GitHub Advisory Database
Blast Radius: 18.5
Published: about 1 month ago
GSA_kwCzR0hTQS14Mmg4LXFtajQtZzYyZs4AA6Fh
ROTP 6.2.2 and 6.2.1 has 0666 permissions for the .rb files.Ecosystems: rubygems
Packages: rotp
Source: GitHub Advisory Database
Blast Radius: 18.5
Published: about 1 month ago
High
Ecosystems: npm, rubygems
Packages: @turbo-boost/commands, turbo_boost-commands
Source: GitHub Advisory Database
Blast Radius: 2.0
Published: about 1 month ago
GSA_kwCzR0hTQS1tcDc2LTd3NXYtcHI3Nc4AA6CN
TurboBoost Commands vulnerable to arbitrary method invocationEcosystems: npm, rubygems
Packages: @turbo-boost/commands, turbo_boost-commands
Source: GitHub Advisory Database
Blast Radius: 2.0
Published: about 1 month ago
Critical
Ecosystems: rubygems
Packages: discordrb
Source: GitHub Advisory Database
Blast Radius: 24.7
Published: about 1 month ago
GSA_kwCzR0hTQS04ODMyLTRtbTUteDJyNs4AA6Aa
discordrb OS Command Injection vulnerabilityEcosystems: rubygems
Packages: discordrb
Source: GitHub Advisory Database
Blast Radius: 24.7
Published: about 1 month ago
High
Ecosystems: npm, rubygems
Packages: stimulus_reflex
Source: GitHub Advisory Database
Blast Radius: 43.9
Published: about 1 month ago
GSA_kwCzR0hTQS1mNzhqLTR3M2ctNHE2Nc4AA56t
StimulusReflex arbitrary method callEcosystems: npm, rubygems
Packages: stimulus_reflex
Source: GitHub Advisory Database
Blast Radius: 43.9
Published: about 1 month ago
High
Ecosystems: rubygems
Packages: phlex
Source: GitHub Advisory Database
Blast Radius: 8.7
Published: about 1 month ago
GSA_kwCzR0hTQS0yNDJwLTR2MzktMnY4Z84AA56s
Cross-site Scripting (XSS) possible with maliciously formed HTML attribute names and values in PhlexEcosystems: rubygems
Packages: phlex
Source: GitHub Advisory Database
Blast Radius: 8.7
Published: about 1 month ago
Moderate
Ecosystems: rubygems
Packages: json-jwt
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 2 months ago
GSA_kwCzR0hTQS1jOHY2LTc4Nmctdmp4Ns4AA5mu
json-jwt allows bypass of identity checks via a sign/encryption confusion attackEcosystems: rubygems
Packages: json-jwt
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 2 months ago
Low
Ecosystems: rubygems
Packages: rack
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 2 months ago
GSA_kwCzR0hTQS0yMmYyLXY1N2MtajljeM4AA5mE
Rack vulnerable to ReDoS in content type parsing (2nd degree polynomial)Ecosystems: rubygems
Packages: rack
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 2 months ago
Low
Ecosystems: rubygems
Packages: rack
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 2 months ago
GSA_kwCzR0hTQS14ajV2LTZ2NGctamZ3Ns4AA5mD
Rack has possible DoS Vulnerability with Range HeaderEcosystems: rubygems
Packages: rack
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 2 months ago
Low
Ecosystems: rubygems
Packages: rack
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 2 months ago
GSA_kwCzR0hTQS01NHJyLTdmdnctNng4Zs4AA5mC
Rack Header Parsing leads to Possible Denial of Service VulnerabilityEcosystems: rubygems
Packages: rack
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 2 months ago
Moderate
Ecosystems: rubygems
Packages: yard
Source: GitHub Advisory Database
Blast Radius: 25.6
Published: about 2 months ago
GSA_kwCzR0hTQS04bXE0LTlqamgtOXhyY84AA5l2
YARD's default template vulnerable to Cross-site Scripting in generated frames.htmlEcosystems: rubygems
Packages: yard
Source: GitHub Advisory Database
Blast Radius: 25.6
Published: about 2 months ago
Moderate
Ecosystems: rubygems
Packages: activestorage
Source: GitHub Advisory Database
Blast Radius: 28.9
Published: about 2 months ago
GSA_kwCzR0hTQS04aDIyLThjZjctaHE2Z84AA5jP
Rails has possible Sensitive Session Information Leak in Active StorageEcosystems: rubygems
Packages: activestorage
Source: GitHub Advisory Database
Blast Radius: 28.9
Published: about 2 months ago
Moderate
Ecosystems: rubygems
Packages: rails, actionpack
Source: GitHub Advisory Database
Blast Radius: 36.3
Published: about 2 months ago
GSA_kwCzR0hTQS05ODIyLTZtOTMteHFmNM4AA5jO
Rails has possible XSS Vulnerability in Action ControllerEcosystems: rubygems
Packages: rails, actionpack
Source: GitHub Advisory Database
Blast Radius: 36.3
Published: about 2 months ago
Low
Ecosystems: rubygems
Packages: actionpack
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 2 months ago
GSA_kwCzR0hTQS1qamh4LWpodnAtNzR3cc4AA5jN
Rails has possible ReDoS vulnerability in Accept header parsing in Action DispatchEcosystems: rubygems
Packages: actionpack
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 2 months ago
Moderate
Ecosystems: rubygems
Packages: rack-cors
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 2 months ago
GSA_kwCzR0hTQS03ODVnLTI4MnEtcHd2eM4AA5gh
Rack CORS Middleware has Insecure File PermissionsEcosystems: rubygems
Packages: rack-cors
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 2 months ago
Moderate
Ecosystems: rubygems
Packages: decidim-core, decidim
Source: GitHub Advisory Database
Blast Radius: 15.7
Published: about 2 months ago
GSA_kwCzR0hTQS05dzk5LTc4cmotaG14cc4AA5Zn
Cross-site scripting (XSS) in the dynamic file uploadsEcosystems: rubygems
Packages: decidim-core, decidim
Source: GitHub Advisory Database
Blast Radius: 15.7
Published: about 2 months ago
Moderate
Ecosystems: rubygems
Packages: decidim-system, decidim-admin, decidim, devise_invitable
Source: GitHub Advisory Database
Blast Radius: 19.6
Published: about 2 months ago
GSA_kwCzR0hTQS13M3E4LW00OTItNHB3cM4AA5Zd
Possibility to circumvent the invitation token expiry periodEcosystems: rubygems
Packages: decidim-system, decidim-admin, decidim, devise_invitable
Source: GitHub Advisory Database
Blast Radius: 19.6
Published: about 2 months ago
Moderate
Ecosystems: rubygems
Packages: decidim-templates
Source: GitHub Advisory Database
Blast Radius: 10.2
Published: about 2 months ago
GSA_kwCzR0hTQS1mM3FtLXZmYzMtamc2ds4AA5ZJ
Possible CSRF attack at questionnaire templates previewEcosystems: rubygems
Packages: decidim-templates
Source: GitHub Advisory Database
Blast Radius: 10.2
Published: about 2 months ago
Low
Ecosystems: rubygems
Packages: decidim
Source: GitHub Advisory Database
Blast Radius: 7.7
Published: about 2 months ago
GSA_kwCzR0hTQS1yMjc1LWo1N2MtN21mMs4AA5ZI
Race condition in EndorsementsEcosystems: rubygems
Packages: decidim
Source: GitHub Advisory Database
Blast Radius: 7.7
Published: about 2 months ago
High
Ecosystems: rubygems
Packages: sidekiq-unique-jobs
Source: GitHub Advisory Database
Blast Radius: 20.9
Published: 2 months ago
GSA_kwCzR0hTQS1jbWg5LXJ4ODUteGozOM4AA5P5
XSS sidekiq-unique-jobs UI server vulnerabilityEcosystems: rubygems
Packages: sidekiq-unique-jobs
Source: GitHub Advisory Database
Blast Radius: 20.9
Published: 2 months ago
Moderate
Ecosystems: rubygems
Packages: nokogiri
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 2 months ago
GSA_kwCzR0hTQS14Yzl4LWpqNzctOXA5as4AA5Ek
Nokogiri update packaged libxml2 to v2.12.5 to resolve CVE-2024-25062Ecosystems: rubygems
Packages: nokogiri
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 2 months ago
Moderate
Ecosystems: rubygems
Packages: avo
Source: GitHub Advisory Database
Blast Radius: 9.5
Published: 3 months ago
GSA_kwCzR0hTQS1nOHZwLTJ2NXAtOXFmaM4AA4ir
Cross-site scripting (XSS) in Action messages on AvoEcosystems: rubygems
Packages: avo
Source: GitHub Advisory Database
Blast Radius: 9.5
Published: 3 months ago
High
Ecosystems: rubygems
Packages: avo
Source: GitHub Advisory Database
Blast Radius: 10.7
Published: 3 months ago
GSA_kwCzR0hTQS1naGp2LW1oNngtN3E2aM4AA4eR
avo vulnerable to stored cross-site scripting (XSS) in key_value fieldEcosystems: rubygems
Packages: avo
Source: GitHub Advisory Database
Blast Radius: 10.7
Published: 3 months ago
Moderate
Ecosystems: rubygems
Packages: puma
Source: GitHub Advisory Database
Blast Radius: 33.1
Published: 3 months ago
GSA_kwCzR0hTQS1jMmY0LWN2cW0tNjV3Ms4AA4Qh
Puma HTTP Request/Response Smuggling vulnerabilityEcosystems: rubygems
Packages: puma
Source: GitHub Advisory Database
Blast Radius: 33.1
Published: 3 months ago
Moderate
Ecosystems: rubygems
Packages: view_component
Source: GitHub Advisory Database
Blast Radius: 19.5
Published: 4 months ago
GSA_kwCzR0hTQS13ZjJ4LTh3NmotcXczN84AA4My
view_component Cross-site Scripting vulnerabilityEcosystems: rubygems
Packages: view_component
Source: GitHub Advisory Database
Blast Radius: 19.5
Published: 4 months ago
High
Ecosystems: rubygems
Packages: omniauth-microsoft_graph
Source: GitHub Advisory Database
Blast Radius: 9.0
Published: 4 months ago
GSA_kwCzR0hTQS01ZzY2LTYyOGYtN2N2as4AA4Lx
Omniauth::MicrosoftGraph Account takeover (nOAuth)Ecosystems: rubygems
Packages: omniauth-microsoft_graph
Source: GitHub Advisory Database
Blast Radius: 9.0
Published: 4 months ago
Moderate
Ecosystems: rubygems
Packages: activeadmin
Source: GitHub Advisory Database
Blast Radius: 21.9
Published: 4 months ago
GSA_kwCzR0hTQS14aHZ2LTNqd3ctYzQ4N84AA4D6
ActiveAdmin CSV Injection leading to sensitive information disclosureEcosystems: rubygems
Packages: activeadmin
Source: GitHub Advisory Database
Blast Radius: 21.9
Published: 4 months ago
Moderate
Ecosystems: rubygems
Packages: resque
Source: GitHub Advisory Database
Blast Radius: 24.6
Published: 4 months ago
GSA_kwCzR0hTQS1yOHh4LTh2bTgteDZ3as4AA34N
Resque vulnerable to Reflected Cross Site Scripting through pathnamesEcosystems: rubygems
Packages: resque
Source: GitHub Advisory Database
Blast Radius: 24.6
Published: 4 months ago
Moderate
Ecosystems: rubygems
Packages: resque
Source: GitHub Advisory Database
Blast Radius: 24.6
Published: 4 months ago
GSA_kwCzR0hTQS1nYzNqLXZ2d2YtNHJwOM4AA34M
Resque vulnerable to reflected XSS in resque-web failed and queues listsEcosystems: rubygems
Packages: resque
Source: GitHub Advisory Database
Blast Radius: 24.6
Published: 4 months ago
Moderate
Ecosystems: rubygems
Packages: resque
Source: GitHub Advisory Database
Blast Radius: 24.6
Published: 4 months ago
GSA_kwCzR0hTQS1yOW1xLW03MngtMjU3Z84AA34L
Resque vulnerable to reflected XSS in Queue EndpointEcosystems: rubygems
Packages: resque
Source: GitHub Advisory Database
Blast Radius: 24.6
Published: 4 months ago
Moderate
Ecosystems: rubygems
Packages: resque-scheduler
Source: GitHub Advisory Database
Blast Radius: 21.7
Published: 4 months ago
GSA_kwCzR0hTQS05aG1xLWZtMzMteDR4eM4AA34I
Resque Scheduler Reflected XSS In Delayed Jobs ViewEcosystems: rubygems
Packages: resque-scheduler
Source: GitHub Advisory Database
Blast Radius: 21.7
Published: 4 months ago
High
Ecosystems: rubygems
Packages: activeadmin
Source: GitHub Advisory Database
Blast Radius: 35.8
Published: 4 months ago
GSA_kwCzR0hTQS0zNTZqLWhnNDUteDUyNc4AA323
Potential CSV export data leakEcosystems: rubygems
Packages: activeadmin
Source: GitHub Advisory Database
Blast Radius: 35.8
Published: 4 months ago
Moderate
Ecosystems: swift, pypi, pub, packagist, cargo, rubygems, nuget, go, maven, npm
Packages: github.com/pubnub/swift, pubnub, pubnub/pubnub, Pubnub, github.com/pubnub/go/v5, github.com/pubnub/go/v6, github.com/pubnub/go, github.com/pubnub/go/v7, com.pubnub:pubnub, com.pubnub:pubnub-kotlin
Source: GitHub Advisory Database
Blast Radius: 82.5
Published: 5 months ago
GSA_kwCzR0hTQS01ODQ0LXEzZmMtNTZyaM4AA3lZ
pubnub Insufficient Entropy vulnerabilityEcosystems: swift, pypi, pub, packagist, cargo, rubygems, nuget, go, maven, npm
Packages: github.com/pubnub/swift, pubnub, pubnub/pubnub, Pubnub, github.com/pubnub/go/v5, github.com/pubnub/go/v6, github.com/pubnub/go, github.com/pubnub/go/v7, com.pubnub:pubnub, com.pubnub:pubnub-kotlin
Source: GitHub Advisory Database
Blast Radius: 82.5
Published: 5 months ago
Moderate
Ecosystems: rubygems
Packages: carrierwave
Source: GitHub Advisory Database
Blast Radius: 32.8
Published: 5 months ago
GSA_kwCzR0hTQS1neGh4LWc0ZnEtNDloas4AA3a3
CarrierWave Content-Type allowlist bypass vulnerability, possibly leading to XSSEcosystems: rubygems
Packages: carrierwave
Source: GitHub Advisory Database
Blast Radius: 32.8
Published: 5 months ago
Moderate
Ecosystems: rubygems
Packages: rmagick
Source: GitHub Advisory Database
Blast Radius: 22.5
Published: 6 months ago
GSA_kwCzR0hTQS1mcmdmLThqcjUtajJqds4AA2zW
memory leak flaw was found in ruby-magickEcosystems: rubygems
Packages: rmagick
Source: GitHub Advisory Database
Blast Radius: 22.5
Published: 6 months ago
High
Ecosystems: rubygems
Packages: encoded_id-rails
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 6 months ago
GSA_kwCzR0hTQS0zcHg3LWptMnAtNmgyY84AA2oN
encoded_id-rails potential DOS vulnerability due to URIs with extremely long encoded IDsEcosystems: rubygems
Packages: encoded_id-rails
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 6 months ago
Moderate
Ecosystems: rubygems
Packages: svg_optimizer
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 6 months ago
GSA_kwCzR0hTQS02aHZnLTYycTgtOTV2N84AA2mT
svg_optimizer rubygem external XML entity (XXE) vulnerabilityEcosystems: rubygems
Packages: svg_optimizer
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 6 months ago
Critical
Ecosystems: rubygems
Packages: bolt
Source: GitHub Advisory Database
Blast Radius: 27.3
Published: 7 months ago
GSA_kwCzR0hTQS0yODltLTI5NjQtZjhxNc4AA2Rv
Puppet Bolt privilege escalation vulnerabilityEcosystems: rubygems
Packages: bolt
Source: GitHub Advisory Database
Blast Radius: 27.3
Published: 7 months ago
Critical
Ecosystems: rubygems
Packages: geokit-rails
Source: GitHub Advisory Database
Blast Radius: 29.8
Published: 7 months ago
GSA_kwCzR0hTQS03eHZjLXY0NGotNDZmaM4AA2RG
geokit-rails Command Injection vulnerabilityEcosystems: rubygems
Packages: geokit-rails
Source: GitHub Advisory Database
Blast Radius: 29.8
Published: 7 months ago
High
Ecosystems: rubygems
Packages: decidim, decidim-templates
Source: GitHub Advisory Database
Blast Radius: 17.7
Published: 7 months ago
GSA_kwCzR0hTQS02MzloLTg2aHctcWNqcc4AA2Qo
Decidim has broken access control in templatesEcosystems: rubygems
Packages: decidim, decidim-templates
Source: GitHub Advisory Database
Blast Radius: 17.7
Published: 7 months ago
Moderate
Ecosystems: rubygems
Packages: sidekiq
Source: GitHub Advisory Database
Blast Radius: 25.1
Published: 7 months ago
GSA_kwCzR0hTQS0zcWMyLXYzaHAtNmN2OM4AA13Y
sidekiq Denial of Service vulnerabilityEcosystems: rubygems
Packages: sidekiq
Source: GitHub Advisory Database
Blast Radius: 25.1
Published: 7 months ago
High
Ecosystems: pypi, rubygems
Packages: grpcio, grpc
Source: GitHub Advisory Database
Blast Radius: 61.2
Published: 7 months ago
GSA_kwCzR0hTQS1wMjVtLWpwajQtcWNycs4AA127
Denial of Service Vulnerability in gRPC TCP Server (Posix-compatible platforms)Ecosystems: pypi, rubygems
Packages: grpcio, grpc
Source: GitHub Advisory Database
Blast Radius: 61.2
Published: 7 months ago
Low
Ecosystems: rubygems
Packages: activesupport
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 8 months ago
GSA_kwCzR0hTQS1jcjVxLTZxOWYtcnE2cc4AA1eP
Active Support Possibly Discloses Locally Encrypted FilesEcosystems: rubygems
Packages: activesupport
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 8 months ago
Critical
Ecosystems: rubygems
Packages: puma
Source: GitHub Advisory Database
Blast Radius: 54.9
Published: 8 months ago
GSA_kwCzR0hTQS02OHhnLWdxcW0tdmdqOM4AA1Yw
Puma HTTP Request/Response Smuggling vulnerabilityEcosystems: rubygems
Packages: puma
Source: GitHub Advisory Database
Blast Radius: 54.9
Published: 8 months ago
Moderate
Ecosystems: rubygems
Packages: commonmarker
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 9 months ago
GSA_kwCzR0hTQS03dmg3LWZ3ODgtd2o4N84AA1Il
Several quadratic complexity bugs may lead to denial of service in CommonmarkerEcosystems: rubygems
Packages: commonmarker
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 9 months ago
Moderate
Ecosystems: rubygems
Packages: protocol-http1
Source: GitHub Advisory Database
Blast Radius: 16.6
Published: 9 months ago
GSA_kwCzR0hTQS02andjLXFyMnEtN3h3as4AA1CM
protocol-http1 HTTP Request/Response Smuggling vulnerabilityEcosystems: rubygems
Packages: protocol-http1
Source: GitHub Advisory Database
Blast Radius: 16.6
Published: 9 months ago
High
Ecosystems: rubygems
Packages: rswag
Source: GitHub Advisory Database
Blast Radius: 20.9
Published: 9 months ago
GSA_kwCzR0hTQS12Yzc5LTY1cHItcTgyds4AA0uC
rswag vulnerable to arbitrary JSON and YAML file read via directory traversalEcosystems: rubygems
Packages: rswag
Source: GitHub Advisory Database
Blast Radius: 20.9
Published: 9 months ago
Moderate
Ecosystems: rubygems
Packages: decidim-core, decidim
Source: GitHub Advisory Database
Blast Radius: 15.2
Published: 9 months ago
GSA_kwCzR0hTQS00NjloLW1xZzgtNTM1cs4AA0m3
Decidim Cross-site Scripting vulnerability in the external link redirectionsEcosystems: rubygems
Packages: decidim-core, decidim
Source: GitHub Advisory Database
Blast Radius: 15.2
Published: 9 months ago
High
Ecosystems: rubygems
Packages: decidim-core, decidim
Source: GitHub Advisory Database
Blast Radius: 20.2
Published: 9 months ago
GSA_kwCzR0hTQS01NjUyLTkycjktM2Z4Oc4AA0m4
Decidim Cross-site Scripting vulnerability in the processes filterEcosystems: rubygems
Packages: decidim-core, decidim
Source: GitHub Advisory Database
Blast Radius: 20.2
Published: 9 months ago
High
Ecosystems: rubygems
Packages: decidim-meetings, decidim
Source: GitHub Advisory Database
Blast Radius: 18.7
Published: 9 months ago
GSA_kwCzR0hTQS1qbTc5LTlwbTQtdnJ3Oc4AA0m2
Decidim vulnerable to sensitive data disclosureEcosystems: rubygems
Packages: decidim-meetings, decidim
Source: GitHub Advisory Database
Blast Radius: 18.7
Published: 9 months ago
Moderate
Ecosystems: rubygems, pypi, maven
Packages: grpc, grpcio, io.grpc:grpc-protobuf
Source: GitHub Advisory Database
Blast Radius: 63.4
Published: 10 months ago
GSA_kwCzR0hTQS05aHhmLXBwanYtdzZycc4AA0dy
gRPC connection termination issueEcosystems: rubygems, pypi, maven
Packages: grpc, grpcio, io.grpc:grpc-protobuf
Source: GitHub Advisory Database
Blast Radius: 63.4
Published: 10 months ago
High
Ecosystems: rubygems, pypi, maven
Packages: grpc, grpcio, io.grpc:grpc-protobuf
Source: GitHub Advisory Database
Blast Radius: 89.7
Published: 10 months ago
GSA_kwCzR0hTQS02NjI4LXE2ajktdzh2Z84AA0dX
gRPC Reachable Assertion issueEcosystems: rubygems, pypi, maven
Packages: grpc, grpcio, io.grpc:grpc-protobuf
Source: GitHub Advisory Database
Blast Radius: 89.7
Published: 10 months ago
High
Ecosystems: rubygems
Packages: sanitize
Source: GitHub Advisory Database
Blast Radius: 28.6
Published: 10 months ago
GSA_kwCzR0hTQS1mNXd3LWNxM20tcTNnN84AA0Xi
Sanitize vulnerable to Cross-site Scripting via insufficient neutralization of `style` element contentEcosystems: rubygems
Packages: sanitize
Source: GitHub Advisory Database
Blast Radius: 28.6
Published: 10 months ago
High
Ecosystems: rubygems, pypi, maven
Packages: grpc, grpcio, io.grpc:grpc-protobuf
Source: GitHub Advisory Database
Blast Radius: 88.5
Published: 10 months ago
GSA_kwCzR0hTQS1jZmdwLTI5NzctMmZtbc4AA0N9
Connection confusion in gRPCEcosystems: rubygems, pypi, maven
Packages: grpc, grpcio, io.grpc:grpc-protobuf
Source: GitHub Advisory Database
Blast Radius: 88.5
Published: 10 months ago
Moderate
Ecosystems: rubygems
Packages: uri
Source: GitHub Advisory Database
Blast Radius: 16.3
Published: 10 months ago
GSA_kwCzR0hTQS1od3cyLTVnODUtNDI5bc4AA0Ip
URI gem has ReDoS vulnerabilityEcosystems: rubygems
Packages: uri
Source: GitHub Advisory Database
Blast Radius: 16.3
Published: 10 months ago
Moderate
Ecosystems: rubygems
Packages: actionpack
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 10 months ago
GSA_kwCzR0hTQS00Zzh2LXZnNDMtd3BnZs4AA0Io
Actionpack has possible cross-site scripting vulnerability via User Supplied Values to redirect_toEcosystems: rubygems
Packages: actionpack
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 10 months ago
Low
Ecosystems: rubygems
Packages: spina
Source: GitHub Advisory Database
Blast Radius: 6.3
Published: 10 months ago
GSA_kwCzR0hTQS05N3doLTZobWotZzhqOc4AA0GL
Spina Cross-site Scripting vulnerabilityEcosystems: rubygems
Packages: spina
Source: GitHub Advisory Database
Blast Radius: 6.3
Published: 10 months ago
Moderate
Ecosystems: maven, npm, rubygems, nuget
Packages: org.webjars.npm:jquery, jquery, jquery-rails, jQuery
Source: GitHub Advisory Database
Blast Radius: 104.9
Published: 10 months ago
GSA_kwCzR0hTQS0yNTdxLXB2ODktdjN4ds4AA0D1
jQuery Cross Site Scripting vulnerabilityEcosystems: maven, npm, rubygems, nuget
Packages: org.webjars.npm:jquery, jquery, jquery-rails, jQuery
Source: GitHub Advisory Database
Blast Radius: 104.9
Published: 10 months ago
Moderate
Ecosystems: rubygems
Packages: doorkeeper
Source: GitHub Advisory Database
Blast Radius: 15.7
Published: 10 months ago
GSA_kwCzR0hTQS03dzJjLXc0N2gtNzg5d84AAzyW
Doorkeeper Improper Authentication vulnerabilityEcosystems: rubygems
Packages: doorkeeper
Source: GitHub Advisory Database
Blast Radius: 15.7
Published: 10 months ago
Moderate
Ecosystems: rubygems
Packages: actionview
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 10 months ago
GSA_kwCzR0hTQS14cDVoLWY4amYtcmM4cc4AAzxa
rails-ujs vulnerable to DOM Based Cross-site Scripting contenteditable HTML ElementsEcosystems: rubygems
Packages: actionview
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 10 months ago
Moderate
Ecosystems: rubygems
Packages: kredis
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 10 months ago
GSA_kwCzR0hTQS1oMndtLXAydmctNnB3NM4AAzxZ
Kredis JSON Possible Deserialization of Untrusted Data VulnerabilityEcosystems: rubygems
Packages: kredis
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 10 months ago
High
Ecosystems: rubygems
Packages: RedCloth
Source: GitHub Advisory Database
Blast Radius: 32.8
Published: 11 months ago
GSA_kwCzR0hTQS1xY20zLXZmcTUtd2ZyMs4AAzr_
RedCloth Regular Expression Denial of Service issueEcosystems: rubygems
Packages: RedCloth
Source: GitHub Advisory Database
Blast Radius: 32.8
Published: 11 months ago
High
Ecosystems: rubygems
Packages: avo
Source: GitHub Advisory Database
Blast Radius: 12.1
Published: 11 months ago
GSA_kwCzR0hTQS04NmgyLTJnNGctMjlxeM4AAzr6
avo possible unsafe reflection / partial DoS vulnerabilityEcosystems: rubygems
Packages: avo
Source: GitHub Advisory Database
Blast Radius: 12.1
Published: 11 months ago
High
Ecosystems: rubygems
Packages: avo
Source: GitHub Advisory Database
Blast Radius: 10.7
Published: 11 months ago
GSA_kwCzR0hTQS01Y3I5LTVqeDMtMmczOc4AAzrM
avo vulnerable to Stored XSS (Cross Site Scripting) in html content based fieldsEcosystems: rubygems
Packages: avo
Source: GitHub Advisory Database
Blast Radius: 10.7
Published: 11 months ago
Critical
Ecosystems: rubygems
Packages: ruby-saml
Source: GitHub Advisory Database
Blast Radius: 32.9
Published: 11 months ago
GSA_kwCzR0hTQS1yMzY0LTJwajQtcGY3Zs4AAzf1
ruby-saml vulnerable to XPath injectionEcosystems: rubygems
Packages: ruby-saml
Source: GitHub Advisory Database
Blast Radius: 32.9
Published: 11 months ago
Critical
Ecosystems: rubygems
Packages: camaleon_cms
Source: GitHub Advisory Database
Blast Radius: 12.5
Published: 11 months ago
GSA_kwCzR0hTQS14NDg3LTg2Nm0tcDhocs4AAze4
Server-Side Template Injection in Camaleon CMSEcosystems: rubygems
Packages: camaleon_cms
Source: GitHub Advisory Database
Blast Radius: 12.5
Published: 11 months ago
Low
Ecosystems: rubygems
Packages: audited
Source: GitHub Advisory Database
Blast Radius: 8.6
Published: 12 months ago
GSA_kwCzR0hTQS1oanAzLTVnMnEtN2p3d84AAzCk
Race Condition leading to logging errorsEcosystems: rubygems
Packages: audited
Source: GitHub Advisory Database
Blast Radius: 8.6
Published: 12 months ago
Critical
Ecosystems: rubygems, pypi
Packages: sha3, pysha3
Source: GitHub Advisory Database
Blast Radius: 48.7
Published: 12 months ago
GSA_kwCzR0hTQS02dzRtLTJ4aGctMjY1OM4AAy-v
Buffer overflow in sponge queue functionsEcosystems: rubygems, pypi
Packages: sha3, pysha3
Source: GitHub Advisory Database
Blast Radius: 48.7
Published: 12 months ago
Low
Ecosystems: rubygems
Packages: kitchen-terraform
Source: GitHub Advisory Database
Blast Radius: 7.7
Published: 12 months ago
GSA_kwCzR0hTQS02NWcyLXg1M3EtY21mNs4AAy9A
Sensitive Terraform Output Values Printed At Info Logging Level In Kitchen-TerraformEcosystems: rubygems
Packages: kitchen-terraform
Source: GitHub Advisory Database
Blast Radius: 7.7
Published: 12 months ago
High
Ecosystems: rubygems
Packages: sidekiq
Source: GitHub Advisory Database
Blast Radius: 36.6
Published: 12 months ago
GSA_kwCzR0hTQS1oM3I4LWg1cXctNHIzNc4AAy6H
sidekiq vulnerable to cross-site scriptingEcosystems: rubygems
Packages: sidekiq
Source: GitHub Advisory Database
Blast Radius: 36.6
Published: 12 months ago
High
Ecosystems: rubygems
Packages: pay
Source: GitHub Advisory Database
Blast Radius: 14.5
Published: 12 months ago
GSA_kwCzR0hTQS1jcWYzLXZweDctcnhod84AAy5d
Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) in PayEcosystems: rubygems
Packages: pay
Source: GitHub Advisory Database
Blast Radius: 14.5
Published: 12 months ago
Moderate
Ecosystems: rubygems
Packages: commonmarker
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 1 year ago
GSA_kwCzR0hTQS00OHdwLXA5cXYtNGo2NM4AAytp
Commonmarker vulnerable to to several quadratic complexity bugs that may lead to denial of serviceEcosystems: rubygems
Packages: commonmarker
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 1 year ago
Moderate
Ecosystems: rubygems
Packages: nokogiri
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 1 year ago
GSA_kwCzR0hTQS1weHZnLTJxajUtMzdqcc4AAytn
Nokogiri updates packaged libxml2 to v2.10.4 to resolve multiple CVEsEcosystems: rubygems
Packages: nokogiri
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 1 year ago
Low
Ecosystems: rubygems
Packages: govuk_tech_docs
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 1 year ago
GSA_kwCzR0hTQS14Mnh3LWh3OGctNjc3M84AAyrS
govuk_tech_docs vulnerable to unescaped HTML on search results pageEcosystems: rubygems
Packages: govuk_tech_docs
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 1 year ago
High
Ecosystems: rubygems
Packages: fluentd-ui, fluentd
Source: GitHub Advisory Database
Blast Radius: 30.7
Published: about 1 year ago
GSA_kwCzR0hTQS13cnhmLXg4cm0tNmdnZ84AAyiM
Fluent Fluentd and Fluent-ui use default passwordEcosystems: rubygems
Packages: fluentd-ui, fluentd
Source: GitHub Advisory Database
Blast Radius: 30.7
Published: about 1 year ago
High
Ecosystems: rubygems
Packages: time
Source: GitHub Advisory Database
Blast Radius: 20.7
Published: about 1 year ago
GSA_kwCzR0hTQS1mZzd4LWc4MnItOTRxY84AAyet
Ruby Time component ReDoS issueEcosystems: rubygems
Packages: time
Source: GitHub Advisory Database
Blast Radius: 20.7
Published: about 1 year ago
High
Ecosystems: rubygems
Packages: uri
Source: GitHub Advisory Database
Blast Radius: 23.0
Published: about 1 year ago
GSA_kwCzR0hTQS1odjVqLTNoOWYtOTljMs4AAyes
Ruby URI component ReDoS issueEcosystems: rubygems
Packages: uri
Source: GitHub Advisory Database
Blast Radius: 23.0
Published: about 1 year ago
Moderate
Ecosystems: rubygems
Packages: unpoly-rails
Source: GitHub Advisory Database
Blast Radius: 6.1
Published: about 1 year ago
GSA_kwCzR0hTQS1tODc1LTN4ZjYtbWY3OM4AAyeB
unpoly-rails Denial of Service vulnerabilityEcosystems: rubygems
Packages: unpoly-rails
Source: GitHub Advisory Database
Blast Radius: 6.1
Published: about 1 year ago
Moderate
Ecosystems: rubygems
Packages: twitter-bootstrap-rails
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 1 year ago
GSA_kwCzR0hTQS12cHF2LW1xdmMtcGN4Ms4AAyKB
Reflective Cross-site Scripting Vulnerability in twitter-bootstrap-railsEcosystems: rubygems
Packages: twitter-bootstrap-rails
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 1 year ago
Low
Ecosystems: rubygems
Packages: rack
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 1 year ago
GSA_kwCzR0hTQS1jNnFnLWNqajgtNDdxcM4AAyIq
Possible Denial of Service Vulnerability in Rack's header parsingEcosystems: rubygems
Packages: rack
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 1 year ago
Moderate
Ecosystems: rubygems
Packages: activesupport
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 1 year ago
GSA_kwCzR0hTQS1wajczLXY1bXctcG05as4AAyIp
Possible XSS Security Vulnerability in SafeBuffer#bytespliceEcosystems: rubygems
Packages: activesupport
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 1 year ago
High
Ecosystems: rubygems
Packages: rack
Source: GitHub Advisory Database
Blast Radius: 45.1
Published: about 1 year ago
GSA_kwCzR0hTQS0zaDU3LWhtajMtZ2ozcM4AAyAE
Rack has possible DoS Vulnerability in Multipart MIME parsingEcosystems: rubygems
Packages: rack
Source: GitHub Advisory Database
Blast Radius: 45.1
Published: about 1 year ago
Critical
Ecosystems: rubygems
Packages: pdf_info
Source: GitHub Advisory Database
Blast Radius: 10.6
Published: about 1 year ago
GSA_kwCzR0hTQS05ZmgzLWo5OW0tZjR2N84AAxys
Code injection in pdf_infoEcosystems: rubygems
Packages: pdf_info
Source: GitHub Advisory Database
Blast Radius: 10.6
Published: about 1 year ago
Moderate
Ecosystems: rubygems
Packages: clockwork_web
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 1 year ago
GSA_kwCzR0hTQS1wNHh4LXc2ZnItYzR3Oc4AAxVr
Clockwork Web contains a Cross-Site Request Forgery Vulnerability with Rails < 5.2Ecosystems: rubygems
Packages: clockwork_web
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 1 year ago
Moderate
Ecosystems: rubygems
Packages: publify_core
Source: GitHub Advisory Database
Blast Radius: 5.9
Published: about 1 year ago
GSA_kwCzR0hTQS1nN2dmLTJycXctNXJ3eM4AAxPk
Publify contains Weak Password RequirementsEcosystems: rubygems
Packages: publify_core
Source: GitHub Advisory Database
Blast Radius: 5.9
Published: about 1 year ago
Moderate
Ecosystems: rubygems
Packages: sanitize
Source: GitHub Advisory Database
Blast Radius: 24.6
Published: about 1 year ago
GSA_kwCzR0hTQS1mdzNnLTJoM2otcW1tN84AAxPa
Improper neutralization of `noscript` element content may allow XSS in SanitizeEcosystems: rubygems
Packages: sanitize
Source: GitHub Advisory Database
Blast Radius: 24.6
Published: about 1 year ago
Critical
Ecosystems: rubygems
Packages: flash_tool
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 1 year ago
GSA_kwCzR0hTQS02MzI1LTZnMzItN3AzNc4AAxNI
flash_tool Gem for Ruby File Download Handling Arbitrary Command ExecutionEcosystems: rubygems
Packages: flash_tool
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 1 year ago
High
Ecosystems: rubygems
Packages: devise
Source: GitHub Advisory Database
Blast Radius: 40.2
Published: about 1 year ago
GSA_kwCzR0hTQS03NDZnLTNnZnAtaGZod84AAxNH
Devise Gem for Ruby Unauthorized Access Using "Remember Me" CookieEcosystems: rubygems
Packages: devise
Source: GitHub Advisory Database
Blast Radius: 40.2
Published: about 1 year ago
Moderate
Ecosystems: rubygems
Packages: xaviershay-dm-rails
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 1 year ago
GSA_kwCzR0hTQS04OHA4LTR2djUtODJqN84AAxNG
xaviershay-dm-rails Gem for Ruby exposes sensitive information via the process tableEcosystems: rubygems
Packages: xaviershay-dm-rails
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 1 year ago
Moderate
Ecosystems: rubygems
Packages: commonmarker
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 1 year ago
GSA_kwCzR0hTQS02MzZmLXhtNWotcGo5bc4AAxIx
Several quadratic complexity bugs may lead to denial of service in CommonmarkerEcosystems: rubygems
Packages: commonmarker
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 1 year ago
High
Ecosystems: rubygems
Packages: exiftool_vendored
Source: GitHub Advisory Database
Blast Radius: 12.5
Published: about 1 year ago
GSA_kwCzR0hTQS1xOTVoLWNxcnYtOGp2Nc4AAxGB
ExifTool vulnerable to arbitrary code executionEcosystems: rubygems
Packages: exiftool_vendored
Source: GitHub Advisory Database
Blast Radius: 12.5
Published: about 1 year ago
High
Ecosystems: rubygems
Packages: jruby-openssl
Source: GitHub Advisory Database
Blast Radius: 30.3
Published: about 1 year ago
GSA_kwCzR0hTQS14Z3Y3LXBxcWgtaDJ3Oc4AAxEu
jruby-openssl gem for JRuby fails to do proper certificate validationEcosystems: rubygems
Packages: jruby-openssl
Source: GitHub Advisory Database
Blast Radius: 30.3
Published: about 1 year ago
Low
Ecosystems: rubygems
Packages: rack
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 1 year ago
GSA_kwCzR0hTQS05M3BtLTVwNWYtM2doeM4AAxD0
Denial of Service Vulnerability in Rack Content-Disposition parsingEcosystems: rubygems
Packages: rack
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 1 year ago
Low
Ecosystems: rubygems
Packages: actionpack
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 1 year ago
GSA_kwCzR0hTQS1wODR2LTQ1eGotd3dxas4AAxDz
ReDoS based DoS vulnerability in Action DispatchEcosystems: rubygems
Packages: actionpack
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 1 year ago
Low
Ecosystems: rubygems
Packages: activesupport
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 1 year ago
GSA_kwCzR0hTQS1qNmdjLTc5Mm0tcWdtMs4AAxDy
ReDoS based DoS vulnerability in Active Support's underscoreEcosystems: rubygems
Packages: activesupport
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 1 year ago
Moderate
Ecosystems: rubygems
Packages: actionpack
Source: GitHub Advisory Database
Blast Radius: 36.2
Published: about 1 year ago
GSA_kwCzR0hTQS05NDQ1LTRjcjYtMzM2cs4AAxDx
Open Redirect Vulnerability in Action PackEcosystems: rubygems
Packages: actionpack
Source: GitHub Advisory Database
Blast Radius: 36.2
Published: about 1 year ago
Statistics
Advisories: 17,467
Packages: 8,114
Repositories: 285
Ecosystems: 12
Packages: 8,114
Repositories: 285
Ecosystems: 12
Filter by Severity
Filter by Ecosystem
Filter by Package
actionpack
57
nokogiri
42
rubygems-update
25
puppet
23
rack
22
activerecord
21
publify_core
14
activesupport
14
passenger
13
actionview
12
puma
11
rails
11
jquery-rails
10
fat_free_crm
10
rails-html-sanitizer
9
org.webjars.npm:jquery
9
jquery
9
jQuery
8
decidim
7
jquery-ui
7
jquery-ui-rails
7
org.webjars.npm:jquery-ui
7
org.jruby:jruby-stdlib
7
jQuery.UI.Combined
7
camaleon_cms
6
katello
6
doorkeeper
6
ember-source
6
loofah
6
bundler
5
commonmarker
5
spree
5
spree_auth_devise
5
sinatra
4
sanitize
4
webrick
4
mail
4
activestorage
4
carrierwave
4
grpc
4
devise
4
sidekiq
4
grpcio
4
fluentd
4
avo
4
dragonfly
4
bootstrap
3
decidim-core
3
chartkick
3
bootstrap
3
openssl
3
cgi
3
rubyzip
3
gollum
3
omniauth
3
geminabox
3
resque
3
ruby-saml
3
json-jwt
3
rest-client
3
yard
3
private_address_check
3
rails_admin
3
rack-cors
3
io.grpc:grpc-protobuf
3
rdoc
3
git
3
pdfkit
2
omniauth-facebook
2
paperclip
2
net-ldap
2
echor
2
twitter-bootstrap-rails
2
mini_magick
2
sup
2
phlex
2
sprockets
2
bson
2
json
2
mapbox.js
2
field_test
2
user_agent_parser
2
solidus_core
2
view_component
2
faye
2
pghero
2
spina
2
cocoapods-downloader
2
kramdown
2
solidus_frontend
2
devise-two-factor
2
redcarpet
2
i18n
2
uri
2
httparty
2
VladTheEnterprising
2
ox
2
red-arrow
2
pyarrow
2
radiant
2
mechanize
2
activeadmin
2
google-protobuf
2
logstash-core
2
administrate
2
com.google.protobuf:protobuf-kotlin
2
com.google.protobuf:protobuf-java
2
yajl-ruby
2
pageflow
2
secure_headers
2
safemode
2
git-fastclone
2
facter
2
ruby-openid
2
decidim-templates
2
qiita-markdown
2
bootstrap-sass
2
mapbox-rails
2
twitter-stream
1
solidus_auth_devise
1
keynote
1
foreman_ansible
1
gitlab-grit
1
geokit-rails
1
blazer
1
solidus_backend
1
railties
1
multi_xml
1
rmagick
1
hiera
1
mcollective-client
1
wicked
1
actionmailer
1
hub
1
kelredd-pruview
1
sqlite3-ruby
1
github.com/github/hub
1
websocket-extensions
1
thin
1
rack-mini-profiler
1
ruby-jss
1
cap-strap
1
matestack-ui-core
1
sha3
1
restforce
1
pysha3
1
ruby_parser
1
better_errors
1
mongrel
1
unpoly-rails
1
bindata
1
oxidized-web
1
github.com/pubnub/swift
1
pubnub
1
pubnub
1
pubnub/pubnub
1
pubnub
1
pubnub
1
Pubnub
1
github.com/pubnub/go/v5
1
github.com/pubnub/go/v6
1
github.com/pubnub/go
1
github.com/pubnub/go/v7
1
com.pubnub:pubnub
1
rubocop
1
ruby-mysql
1
gtk2
1
rotp
1
@turbo-boost/commands
1
turbo_boost-commands
1
stringio
1
discordrb
1
diffy
1
recurly
1
md2pdf
1
sounder
1
date
1
octopoller
1
paratrooper-newrelic
1
jmespath
1
trilogy
1
sentry-raven
1
devise_invitable
1
ftpd
1
tweetstream
1
flash_tool
1
lean-ruport
1
openshift-origin-node
1
point-cli
1
govuk_tech_docs
1
audited
1
omniauth-apple
1
spree_api
1
omniauth-auth0
1
shrine
1
message_bus
1
inline_svg
1
pdf_info
1
rswag
1
resque-scheduler
1
Filter by Repository
https://github.com/rails/rails
53
https://github.com/sparklemotion/nokogiri
31
https://github.com/rubygems/rubygems
18
https://github.com/rack/rack
17
https://github.com/puppetlabs/puppet
15
https://github.com/publify/publify
13
https://github.com/puma/puma
11
https://github.com/jquery/jquery
10
https://github.com/phusion/passenger
10
https://github.com/fatfreecrm/fat_free_crm
9
https://github.com/rails/rails-html-sanitizer
9
https://github.com/decidim/decidim
8
https://github.com/doorkeeper-gem/doorkeeper
6
https://github.com/flavorjones/loofah
6
https://github.com/jquery/jquery-ui
6
https://github.com/solidusio/solidus_auth_devise
5
https://github.com/solidusio/solidus
5
https://github.com/sinatra/sinatra
4
https://github.com/rgrove/sanitize
4
https://github.com/owen2345/camaleon-cms
4
https://github.com/mikel/mail
4
https://github.com/markevans/dragonfly
4
https://github.com/Katello/katello
4
https://github.com/ruby/openssl
4
https://github.com/grpc/grpc
4
https://github.com/avo-hq/avo
4
https://github.com/carrierwaveuploader/carrierwave
4
https://github.com/fluent/fluentd
4
https://github.com/rubyzip/rubyzip
3
https://github.com/ruby-git/ruby-git
3
https://github.com/rubygems/rubygems.org
3
https://github.com/rest-client/rest-client
3
https://github.com/resque/resque
3
https://github.com/cyu/rack-cors
3
https://github.com/geminabox/geminabox
3
https://github.com/spree/spree
3
https://github.com/gollum/gollum
3
https://github.com/jtdowney/private_address_check
3
https://github.com/gjtorikian/commonmarker
3
https://github.com/lsegal/yard
3
https://github.com/twbs/bootstrap
3
https://github.com/increments/qiita-markdown
2
https://github.com/ruby/webrick
2
https://github.com/ruby/uri
2
https://github.com/ruby/rdoc
2
https://github.com/activeadmin/activeadmin
2
https://github.com/ruby-ldap/ruby-net-ldap
2
https://github.com/jnunemaker/httparty
2
https://github.com/ankane/chartkick
2
https://github.com/ankane/field_test
2
https://github.com/ankane/pghero
2
https://github.com/brianmario/yajl-ruby
2
https://github.com/CocoaPods/cocoapods-downloader
2
https://github.com/codevise/pageflow
2
https://github.com/github/cmark-gfm
2
https://github.com/emberjs/ember.js
2
https://github.com/faye/faye
2
https://github.com/mongodb/bson-ruby
2
https://github.com/protocolbuffers/protobuf
2
https://github.com/plataformatec/devise
2
https://github.com/mperham/sidekiq
2
https://github.com/nov/json-jwt
2
https://github.com/phlex-ruby/phlex
2
https://github.com/gettalong/kramdown
2
https://github.com/openid/ruby-openid
2
https://github.com/omniauth/omniauth
2
https://github.com/ohler55/ox
2
https://github.com/vmg/redcarpet
2
https://github.com/sparklemotion/mechanize
2
https://github.com/twitter/secure_headers
2
https://github.com/square/git-fastclone
2
https://github.com/tinfoil/devise-two-factor
2
https://github.com/sup-heliotrope/sup
2
https://github.com/svenfuchs/i18n
2
https://github.com/svenfuchs/safemode
2
https://github.com/thoughtbot/paperclip
2
https://github.com/sidekiq/sidekiq
2
https://gitlab.com/gitlab-org/cves
2
https://github.com/github/view_component
1
https://github.com/github/trilogy
1
https://github.com/github/hub
1
https://github.com/twbs/bootstrap-sass
1
https://github.com/kaminari/kaminari
1
https://github.com/theforeman/ldap_fluff
1
https://github.com/getsentry/raven-ruby
1
https://github.com/geokit/geokit-rails
1
https://github.com/tzinfo/tzinfo
1
https://github.com/gazay/gon
1
https://github.com/fnando/svg_optimizer
1
https://github.com/ua-parser/uap-core
1
https://github.com/flori/json
1
https://github.com/ua-parser/uap-ruby
1
https://github.com/ffi/ffi
1
https://github.com/faye/websocket-extensions-ruby
1
https://github.com/faye/faye-websocket-ruby
1
https://github.com/unpoly/unpoly-rails
1
https://github.com/ViewComponent/view_component
1
https://github.com/theforeman/foreman_fog_proxmox
1
https://github.com/exiftool-rb/exiftool_vendored.rb
1
https://github.com/excon/excon
1
https://github.com/evan/ccsv
1
https://github.com/jnunemaker/crack
1
https://github.com/jmespath/jmespath.rb
1
https://github.com/jirutka/asciidoctor-include-ext
1
https://github.com/jgarber/redcloth
1
https://github.com/jekyll/jekyll
1
https://github.com/janko/image_processing
1
https://github.com/jamesmartin/inline_svg
1
https://github.com/thoughtbot/cocaine
1
https://github.com/inukshuk/bibtex-ruby
1
https://github.com/jordansissel/ruby-arr-pm
1
https://github.com/josh/rack-ssl
1
https://github.com/imsebao/404team
1
https://github.com/thoughtbot/clearance
1
https://github.com/igrigorik/em-http-request
1
https://github.com/hopsoft/turbo_boost-commands
1
https://github.com/heartcombo/devise
1
https://github.com/thoughtbot/administrate
1
https://github.com/haml/haml
1
https://github.com/halostatue/minitar
1
https://github.com/Gurpartap/aescrypt
1
https://github.com/tigris/open-uri-cached
1
https://github.com/theforeman/smart_proxy_dynflow
1
https://github.com/GNOME/libxml2
1
https://github.com/TrestleAdmin/trestle-auth
1
https://github.com/binarylogic/authlogic
1
https://github.com/BetterErrors/better_errors
1
https://github.com/beenhero/omniauth-weibo-oauth2
1
https://github.com/bdmac/strong_password
1
https://github.com/bbatsov/rubocop
1
https://github.com/basecamp/marginalia
1
https://github.com/basecamp/easymon
1
https://github.com/aws/aws-sdk-ruby
1
https://github.com/zendesk/samlr
1
https://github.com/auth0/omniauth-auth0
1
https://github.com/asteinhauser/fat_free_crm
1
https://github.com/asciidoctor/asciidoctor
1
https://github.com/ankane/pgsync
1
https://github.com/zenspider/ruby_parser-legacy
1
https://github.com/zvory/csv-safe
1
https://github.com/ankane/clockwork_web
1
https://github.com/ankane/chartkick.js
1
https://gitlab.com/2013/11
1
https://github.com/ankane/blazer
1
https://github.com/amro/gibbon
1
https://github.com/alphagov/tech-docs-gem
1
https://github.com/alexreisner/geocoder
1
https://github.com/AlchemyCMS/alchemy_cms
1
https://github.com/airbrake/airbrake-ruby
1
https://github.com/ahorner/text-helpers
1
https://github.com/affix/CVE-2022-36231
1
https://github.com/adamzaninovich/sounder
1
https://github.com/elastic/logstash
1
https://github.com/elastic/apm-agent-ruby
1
https://github.com/ejschmitt/delayed_job_web
1
https://github.com/dspinhirne/netaddr-rb
1
https://github.com/doorkeeper-gem/doorkeeper-openid_connect
1
https://github.com/voloko/twitter-stream
1
https://github.com/dmendel/bindata
1
https://github.com/discourse/rails_multisite
1
https://github.com/discourse/message_bus
1
https://github.com/denkGroot/Spina
1
https://github.com/dejan/espeak-ruby
1
https://github.com/wconrad/ftpd
1
https://github.com/datamapper/extlib
1
https://github.com/webbynode/webbynode
1
https://github.com/ConradIrwin/em-imap
1
https://github.com/collectiveidea/audited
1
https://github.com/whiteleaf7/narou
1
https://github.com/codders/dataset
1
https://github.com/wycats/handlebars.js
1
https://github.com/chef/mixlib-archive
1
https://github.com/cgriego/active_attr
1
https://github.com/XKCP/XKCP
1
https://github.com/camilova/activerecord-update-by-case
1
https://github.com/bvsatyaram/random_password_generator
1
https://github.com/bundler/bundler
1
https://github.com/ytti/oxidized-web
1
https://github.com/sinatra/rack-protection
1
https://github.com/rf-/keynote
1
https://github.com/restforce/restforce
1
https://github.com/sisimai/rb-sisimai
1
https://github.com/resque/resque-scheduler
1
https://github.com/Smashing/smashing
1
https://github.com/redis-store/redis-store
1
https://github.com/recurly/recurly-client-ruby
1
https://github.com/rdoc/rdoc
1
https://github.com/rcook/rgpg
1
https://github.com/rapid7/metasploit-framework
1
https://github.com/rails/web-console
1
https://github.com/rails/sprockets
1
https://github.com/Snorby/snorby
1
https://github.com/socketry/protocol-http1
1
https://github.com/rails/kredis
1
https://github.com/rails/jquery-rails
1
https://github.com/rails/globalid
1
https://github.com/railsdog/spree
1
https://github.com/railsadminteam/rails_admin
1
https://github.com/rails/activeresource
1